This article is more than 1 year old
2017: The FBI alerts parents to dangers of Internet of Sh*t toys
Families urged to brush up on opsec, check for privacy leaks, patch security flaws, if possible
The FBI issued a warning Monday advising parents to carefully check internet-connected toys for possible privacy and security concerns.
In this startling alert, the Feds gave America's families the grim news: many toys sporting cloud-backed features such as speech recognition or online content hosting "could put the privacy and safety of children at risk due to the large amount of personal information that may be unwittingly disclosed."
"Security safeguards for these toys can be overlooked in the rush to market them and to make them easy to use," the FBI warns. "Consumers should perform online research of these products for any known issues that have been identified by security researchers or in consumer reports."
Under the Children's Online Privacy Protection Act (COPPA), companies are required to get permission from parents before collecting any personal information on a user who is under the age of 13.
The FBI warning advises parents to not only review what exactly the toys can collect and transmit, but also the privacy policies they operate under. Additionally, parents are advised to only operate connected toys on trusted Wi-Fi networks and to make sure the firmware and patches are installed for apps and connected devices.
"Bluetooth-connected toys that do not have authentication requirements (such as PINs or passwords) when pairing with the mobile devices could pose a risk for unauthorized access to the toy and allow communications with a child user," the FBI warns.
"It could also be possible for unauthorized users to remotely gain access to the toy if the security measures used for these connections are insufficient or the device is compromised." ®